BELL-CVE-2026-31753 CVE-2026-31753 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2026-31750 CVE-2026-31750 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2026-31746 CVE-2026-31746 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2026-31710 CVE-2026-31710 does not affect BellSoft software
Bulletin has no description...
CVE-2026-6229
creationtimestamp | type | source
---|---|---
2026-05-06 02:33:06+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3ml5nxwigtp2q
2026-05-06 02:33:09+00:00 | seen | https://bsky.app/profile/potato.software/post/3ml5nxwwnu32t...
HCL BigFix Service Management Information Disclosure Vulnerability
HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management SM has a vulnerability related to information leakage. This vulnerability stems from the exposure of server banner information, allowing the...
PT-2026-37632
HCL BigFix Service Management SM is affected by an Information Disclosure – Server Banner issue. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities...
PT-2026-38221
Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code by exploiting insufficient file extension restrictions. Attackers with editor, author, contributor, or site...
Age Verification in the Web -- Holy Grail to Control Access to Restricted Content
Age verification before accessing restricted content is critical to protecting minors from exposure to harmful material such as pornography, gambling, violence, hateful speech, and substance purchases like alcohol and tobacco. Currently, the absence of reliable age-checking mechanisms allows...
Linux Distros Unpatched Vulnerability : CVE-2026-37458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing input validation in the MP_REACH_NLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service Do...
Linux Distros Unpatched Vulnerability : CVE-2026-7412
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated...
Geovision GV-ASWeb Code Injection Vulnerability
Geovision GV-ASWeb is a web-based software developed by Geovision Corporation. It is used for remote access and configuration of the GV-ASManager’s database. Version 6.2.0 of Geovision GV-ASWeb contains a code injection vulnerability. This vulnerability stems from a remote code execution issue in...
PT-2026-37601
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The TSV110 processor is susceptible to the Spectre-BHB (Branch History Buffer) attack. This issue allows for the leakage of information via branch prediction side channels, which are...
skim-4.6.1-1.1 on GA media (moderate)
skim-4.6.1-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10683-1
Rating: moderate
Cross-References: CVE-2026-41414
CVSS scores: CVE-2026-41414 (SUSE): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
Affected Products: openSUSE Tumbleweed
An update that solves one vulnerability can now be...
GHSA-XW8C-RRVX-F7XQ ciguard: SCA HTTP client reads response body without size cap
Summary: Both SCA HTTP clients (src/ciguard/analyzer/sca/osv.py and src/ciguard/analyzer/sca/endoflife.py) call payload = json.loads(resp.read().decode('utf-8')) without a maximum-bytes cap. A hostile or compromised endoflife.date / OSV.dev or a successful TLS MITM could return a multi-GB response,...
Allocation of Resources Without Limits or Throttling
Overview: graphql is a plain-Ruby implementation of GraphQL. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper counting of comment tokens in the max_query_string_tokens configuration. An attacker can cause excessive resource...
CVE-2026-7447
A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/updatecustomer.php. This manipulation of the argument type/length/business parameter validity causes SQL injection. The attack is possible to be carried out...
CVE-2026-34596
Sandboxie-Plus (Windows) prior to v1.17.3 contains a TOCTOU race during addon installation. UpdUtil.exe runs as SYSTEM via SandBoxieSvc, stages updater files in %TEMP%\sandboxie-updater, verifies hashes against the addon manifest, then extracts files.cab and runs config.exe. An unprivileged user ...
CVE-2026-27960
creationtimestamp | type | source
---|---|---
2026-05-05 19:19:06+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4vpud3o42r
2026-05-05 19:21:58+00:00 | seen | https://bsky.app/profile/potato.software/post/3ml4vuza7cx2l
2026-05-05 21:58:42+00:00 | seen |...
Exposure of Resource to Wrong Sphere
Overview: Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere in the CAProvider configuration process for SecretStore resources when resolving ConfigMaps across namespaces. An attacker can access CA material from another namespace by specifying the...